Your AssureSign account comes with certain built in “Roles” that help to assign security restrictions and grant rights based on common patterns. A good place to start is to review the restrictions placed on each of the default system roles provided to your account, and build your own roles as needed to allow fast creation of users without compromising security.
Note: If at all possible, do not assign all users to the Administrator role. This should be a reserved role just as in your organization’s IT Department. Depending on the size of your AssureSign user group, you may in fact only need one Administrator.
In particular, the following user settings are important to consider:
When enabled, a user will have administrative rights over other’s documents within their account as if they were the creator. This can be beneficial for supervisors or managers who may need to access and administer documents owned by their staff, but consider setting to “Deny” for users not in a management role.
While it may be too broad to grant everyone Document Management rights, if you have a group of users that share a role (such as accounting tasks), then granting visibility to documents belonging to users in the same role may be beneficial.
When enabled, a user will be able to view other’s documents within their account. Consider setting to “Deny” for users who should only have visibility to their own documents.
Typically, this report should be accessed by administrators, or those with management responsibilities requiring viewing statistics about AssureSign signing statistics. Consider setting to “Deny” for users not in a management role.
The ability to create your own sub-accounts (or “child” accounts) allows you to mirror your organization’s structure and isolate access to features and documents based on business need. Consider setting to “Deny” for users who do not have oversight of child accounts.
It can be beneficial, in a larger organization, to assign administrative tasks to users without broadly granting all rights provided by the Administrator role. Consider turning off ALL settings within the “Site Administration” section for users who need not administer accounts, roles, and account settings.